From a8e30ef31e0d2bc302b24d28d31def0ab0bd302c Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 11:16:21 +0000 Subject: [PATCH 1/2] fix: use RELEASE_PAT in release workflow to bypass branch protection rules The default GITHUB_TOKEN cannot push to main when repository rulesets require the "Apify pull request toolkit" workflow (which only runs on PRs). Using a PAT at checkout time allows git push to bypass this restriction. https://claude.ai/code/session_01Jhq1SCwkA8r1PBoTMSMmR9 --- .github/workflows/release.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 341628b..408a67a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,6 +42,10 @@ jobs: - uses: actions/checkout@v6 with: fetch-depth: 0 + # Use a PAT so the release job can push the version-bump + # commit and tag directly to main, bypassing branch-protection + # rulesets that block the default GITHUB_TOKEN. + token: ${{ secrets.RELEASE_PAT }} - name: Set up Node.js uses: actions/setup-node@v6 From 86a488f9432a4908873b5facde98e7783d9837be Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 14:09:02 +0000 Subject: [PATCH 2/2] fix: use APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN in release workflow https://claude.ai/code/session_01Jhq1SCwkA8r1PBoTMSMmR9 --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 408a67a..7635fe4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -45,7 +45,7 @@ jobs: # Use a PAT so the release job can push the version-bump # commit and tag directly to main, bypassing branch-protection # rulesets that block the default GITHUB_TOKEN. - token: ${{ secrets.RELEASE_PAT }} + token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }} - name: Set up Node.js uses: actions/setup-node@v6